Hello,
I’m trying to remove a manual Gatekeeper exception using Terminal using the command 'spctl ——remove /Applications/Application.app'. The exception may be (and likely is) present more than once on some client machines.
Adding the exception works fine using the spctl binary, as does searching for it using 'sudo spctl ——list | grep UNLABELED' showing that there is an exception present.
Removing it seems to be problematic, in that the remove command will work intermittently. When it works, it works great, but when it doesn't it returns the following even though the list command shows the whitelist is there:
sudo spctl --remove "/Applications/Application.app"
/Applications/Application.app: no matches for search or update operation
The exception is still listed:
sudo spctl --list | grep UNLABELED
2721[UNLABELED] P0 allow execute [/Applications/Application.app]
I need to perform a mass action and the ID of the exception is obviously not going to be the same on every client, so I’m hoping there’s something simple I’m missing? Resetting Gatekeeper completely seems overkill and will likely result in a lot of tickets to the Helpdesk.
Thanks in advance,
Justin.